Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ADOBE_AIR_APSB15-32.NASL
HistoryDec 08, 2015 - 12:00 a.m.

Adobe AIR <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)

2015-12-0800:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18

10 High

AI Score

Confidence

High

JSON

The version of Adobe AIR installed on the remote Windows host is equal or prior to version 19.0.0.241. It is, therefore, affected by multiple vulnerabilities :

  • Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.
    (CVE-2015-8438, CVE-2015-8446)

  • Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, CVE-2015-8658, CVE-2015-8820)

  • Multiple security bypass vulnerabilities exist that allow an attacker to write arbitrary data to the file system under user permissions. (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409)

  • A stack buffer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-8407, CVE-2015-8457)

  • A type confusion error exists that allows an attacker to execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)

  • An integer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-8445)

  • A buffer overflow condition exists that allows an attacker to execute arbitrary code. (CVE-2015-8415)

  • Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, CVE-2015-8822

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(87243);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/16");

  script_cve_id(
    "CVE-2015-8045",
    "CVE-2015-8047",
    "CVE-2015-8048",
    "CVE-2015-8049",
    "CVE-2015-8050",
    "CVE-2015-8055",
    "CVE-2015-8056",
    "CVE-2015-8057",
    "CVE-2015-8058",
    "CVE-2015-8059",
    "CVE-2015-8060",
    "CVE-2015-8061",
    "CVE-2015-8062",
    "CVE-2015-8063",
    "CVE-2015-8064",
    "CVE-2015-8065",
    "CVE-2015-8066",
    "CVE-2015-8067",
    "CVE-2015-8068",
    "CVE-2015-8069",
    "CVE-2015-8070",
    "CVE-2015-8071",
    "CVE-2015-8401",
    "CVE-2015-8402",
    "CVE-2015-8403",
    "CVE-2015-8404",
    "CVE-2015-8405",
    "CVE-2015-8406",
    "CVE-2015-8407",
    "CVE-2015-8408",
    "CVE-2015-8409",
    "CVE-2015-8410",
    "CVE-2015-8411",
    "CVE-2015-8412",
    "CVE-2015-8413",
    "CVE-2015-8414",
    "CVE-2015-8415",
    "CVE-2015-8416",
    "CVE-2015-8417",
    "CVE-2015-8418",
    "CVE-2015-8419",
    "CVE-2015-8420",
    "CVE-2015-8421",
    "CVE-2015-8422",
    "CVE-2015-8423",
    "CVE-2015-8424",
    "CVE-2015-8425",
    "CVE-2015-8426",
    "CVE-2015-8427",
    "CVE-2015-8428",
    "CVE-2015-8429",
    "CVE-2015-8430",
    "CVE-2015-8431",
    "CVE-2015-8432",
    "CVE-2015-8433",
    "CVE-2015-8434",
    "CVE-2015-8435",
    "CVE-2015-8436",
    "CVE-2015-8437",
    "CVE-2015-8438",
    "CVE-2015-8439",
    "CVE-2015-8440",
    "CVE-2015-8441",
    "CVE-2015-8442",
    "CVE-2015-8443",
    "CVE-2015-8444",
    "CVE-2015-8445",
    "CVE-2015-8446",
    "CVE-2015-8447",
    "CVE-2015-8448",
    "CVE-2015-8449",
    "CVE-2015-8450",
    "CVE-2015-8451",
    "CVE-2015-8452",
    "CVE-2015-8453",
    "CVE-2015-8454",
    "CVE-2015-8455",
    "CVE-2015-8456",
    "CVE-2015-8457",
    "CVE-2015-8652",
    "CVE-2015-8653",
    "CVE-2015-8654",
    "CVE-2015-8655",
    "CVE-2015-8656",
    "CVE-2015-8657",
    "CVE-2015-8658",
    "CVE-2015-8820",
    "CVE-2015-8821",
    "CVE-2015-8822"
  );
  script_bugtraq_id(
    78710,
    78712,
    78713,
    78714,
    78715,
    78716,
    78717,
    78718,
    78802
  );
  script_xref(name:"ZDI", value:"ZDI-15-601");
  script_xref(name:"ZDI", value:"ZDI-15-602");
  script_xref(name:"ZDI", value:"ZDI-15-603");
  script_xref(name:"ZDI", value:"ZDI-15-604");
  script_xref(name:"ZDI", value:"ZDI-15-605");
  script_xref(name:"ZDI", value:"ZDI-15-606");
  script_xref(name:"ZDI", value:"ZDI-15-607");
  script_xref(name:"ZDI", value:"ZDI-15-608");
  script_xref(name:"ZDI", value:"ZDI-15-609");
  script_xref(name:"ZDI", value:"ZDI-15-610");
  script_xref(name:"ZDI", value:"ZDI-15-611");
  script_xref(name:"ZDI", value:"ZDI-15-612");
  script_xref(name:"ZDI", value:"ZDI-15-613");
  script_xref(name:"ZDI", value:"ZDI-15-614");
  script_xref(name:"ZDI", value:"ZDI-15-655");
  script_xref(name:"ZDI", value:"ZDI-15-656");
  script_xref(name:"ZDI", value:"ZDI-15-657");
  script_xref(name:"ZDI", value:"ZDI-15-658");
  script_xref(name:"ZDI", value:"ZDI-15-659");
  script_xref(name:"ZDI", value:"ZDI-15-660");
  script_xref(name:"ZDI", value:"ZDI-15-661");
  script_xref(name:"ZDI", value:"ZDI-15-662");
  script_xref(name:"ZDI", value:"ZDI-15-663");
  script_xref(name:"ZDI", value:"ZDI-15-664");
  script_xref(name:"EDB-ID", value:"39042");
  script_xref(name:"EDB-ID", value:"39043");
  script_xref(name:"EDB-ID", value:"39047");
  script_xref(name:"EDB-ID", value:"39049");
  script_xref(name:"EDB-ID", value:"39051");
  script_xref(name:"EDB-ID", value:"39052");
  script_xref(name:"EDB-ID", value:"39053");
  script_xref(name:"EDB-ID", value:"39054");
  script_xref(name:"EDB-ID", value:"39072");

  script_name(english:"Adobe AIR <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has a browser plugin installed that is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe AIR installed on the remote Windows host is equal
or prior to version 19.0.0.241. It is, therefore, affected by multiple
vulnerabilities :

  - Multiple heap buffer overflow conditions exist that
    allow an attacker to execute arbitrary code.
    (CVE-2015-8438, CVE-2015-8446)

  - Multiple memory corruption issues exist that allow an
    attacker to execute arbitrary code. (CVE-2015-8045,
    CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,
    CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,
    CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,
    CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,
    CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,
    CVE-2015-8658, CVE-2015-8820)

  - Multiple security bypass vulnerabilities exist that
    allow an attacker to write arbitrary data to the file
    system under user permissions. (CVE-2015-8453,
    CVE-2015-8440,  CVE-2015-8409)

  - A stack buffer overflow condition exists that allows an
    attacker to execute arbitrary code. (CVE-2015-8407,
    CVE-2015-8457)

  - A type confusion error exists that allows an attacker to
    execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)

  - An integer overflow condition exists that allows an
    attacker to execute arbitrary code. (CVE-2015-8445)

  - A buffer overflow condition exists that allows an
    attacker to execute arbitrary code. (CVE-2015-8415)

  - Multiple use-after-free errors exist that allow an
    attacker to execute arbitrary code. (CVE-2015-8048,
    CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,
    CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,
    CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,
    CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,
    CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,
    CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,
    CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,
    CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,
    CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,
    CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,
    CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,
    CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,
    CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,
    CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,
    CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,
    CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,
    CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,
    CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,
    CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,
    CVE-2015-8821, CVE-2015-8822");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe AIR version 20.0.0.204 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-8457");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/12/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("adobe_air_installed.nasl");
  script_require_keys("SMB/Adobe_AIR/Version", "SMB/Adobe_AIR/Path");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

version = get_kb_item_or_exit("SMB/Adobe_AIR/Version");
path = get_kb_item_or_exit("SMB/Adobe_AIR/Path");

version_ui = get_kb_item("SMB/Adobe_AIR/Version_UI");
if (isnull(version_ui)) version_report = version;
else version_report = version_ui + ' (' + version + ')';

cutoff_version = '19.0.0.245';
fix = '20.0.0.204';
fix_ui = '20.0';

if (ver_compare(ver:version, fix:cutoff_version) <= 0)
{
  port = get_kb_item("SMB/transport");
  if (!port) port = 445;

  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_report +
      '\n  Fixed version     : ' + fix_ui + " (" + fix + ')' +
      '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
  exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, "Adobe AIR", version_report, path);
VendorProductVersionCPE
adobeaircpe:/a:adobe:air

References

Related

suse 3
prion 60
cvelist 57
ubuntucve 53
nessus 14
archlinux 1
altlinux 2
openvas 7
redhat 1
freebsd 1
suse
suse
Security update for flash-player (important)
2015-12-10 12:10:31
Security update for flash-player (important)
2015-12-10 15:10:22
Security update for flash-player (important)
2015-12-09 20:10:33
prion
prion
Design/Logic Flaw
2016-03-04 23:59:00
Design/Logic Flaw
2015-12-10 06:00:00
Design/Logic Flaw
2015-12-10 05:59:00
cvelist
cvelist
CVE-2015-8653
2016-03-04 23:00:00
CVE-2015-8655
2016-03-04 23:00:00
CVE-2015-8822
2016-03-04 23:00:00
ubuntucve
ubuntucve
CVE-2015-8821
2016-03-04 00:00:00
CVE-2015-8655
2016-03-04 00:00:00
CVE-2015-8050
2015-12-10 00:00:00
nessus
nessus
Flash Player < 20.0.0.228 Multiple Vulnerabilities (APSB15-32)
2016-01-08 00:00:00
SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:2236-1)
2015-12-11 00:00:00
openSUSE Security Update : flash-player (openSUSE-2015-882)
2016-01-04 00:00:00
archlinux
archlinux
flashplugin: multiple issues
2015-12-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt57
2015-12-09 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt57
2015-12-09 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SU-2015:2247-1)
2015-12-11 00:00:00
Adobe Flash Player Multiple Vulnerabilities (Dec 2015) - Windows
2015-12-10 00:00:00
Adobe Air Multiple Vulnerabilities (Dec 2015) - Windows
2015-12-10 00:00:00
redhat
redhat
(RHSA-2015:2593) Critical: flash-plugin security update
2015-12-09 00:00:00
freebsd
freebsd
flash -- multiple vulnerabilities
2015-12-08 00:00:00

10 High

AI Score

Confidence

High

JSON
Related for ADOBE_AIR_APSB15-32.NASL
suse3prion60cvelist57ubuntucve53nessus14archlinux1altlinux2openvas7redhat1freebsd1